This Android Malware Can Overwrite Legitimate Apps: lifehacker.com

by Abbott

You may be aware of malware hiding in programs that appear authentic but aren’t, and you should be alert for it. However, what occurs when malevolent individuals inadvertently gain control of genuine, legitimate apps with the intention of executing their programs?

That’s precisely what transpired with a collection of Android apps: The problem, known as “Dirty Stream,” is a vulnerability that lets malicious apps take control of legitimate ones. Microsoft initially made the public aware of it. The method used by Dirty Stream depends on a weakness in ContentProvider, the framework that permits many apps to share a single data collection. It would be necessary for apps to be able to share data and interact with one another, which would limit their usefulness and convenience. 

Malevolent actors are centered on “share targets,” or applications that eavesdrop on data and files sent by other applications. These applications usually include browser apps, social networking, messaging, email, and other apps. These programs would receive malicious files from their phony apps, which would intercept them as usual and unintentionally replace crucial files in their own data set. Through the use of this vulnerability, malevolent actors may be able to run their code on your device, possibly seizing control of it and collecting your personal information. 

Microsoft listed a few applications with a combined install count of over four billion that are known to be impacted by Dirty Stream. At the time of Microsoft’s announcement, four of the apps on the list had each received over 500 million installations. File Manager has over one billion installs, while WPS Office has over 500 million. 

The standard recommendation would be to remove these apps from your phone. However, these programs aren’t harmful because they were abducted. As a result, developers responded to Microsoft’s alerts and eliminated the malware from their apps. 

How to guard against this latest malware on Android devices 

Developers are fixing the affected apps. What can you do to protect yourself?

When it comes to Android malware, this problem is really unusual: How can an end user take action if a legitimate program is hacked with malicious intent? Who would have guessed that the stock file manager on Xiaomi phones would be so thoroughly abused? 

Apart from these unusual conditions, standard counsel applies here as well: Take caution when downloading anything. There was indeed nothing you could have done to stop the legitimate apps from getting infected here, but another malicious program caused their initial hijacking. Because of this, it’s crucial now more than ever to exercise caution when downloading and installing Android apps. 

The Google Play Store is always going to be your best option.

Android sideloading is useful but risky. Especially outside the EU, rogue apps are a concern.

Google has taken steps to reduce the likelihood of a malicious app making its way onto the market. Naturally, this does not imply that all of the apps in the Play Store are secure. You must still carefully consider any program you choose to install. Avoid downloading any app, Play Store or not, if something about it seems wrong. 

Sadly, it doesn’t seem like anyone has disclosed information on these rogue apps’ identities. Take a look at your phone and remove anything that raises red flags for you. 

Microsoft advises you to keep all your programs up-to-date as new updates guard against this infection.

The business also suggests that customers update their passwords in the Xiaomi File Manager software. 

For more information visit: https://lifehacker.com/tech/this-android-malware-can-take-over-legitimate-apps

You may also like

Popular Post

Recent Post

© 2024 All Right Reserved. Designed and Developed by The Onesee Store